[clamav-users] No good deed goes unpunished, or, why CVD files don't work

J.R. themadbeaker at gmail.com
Thu Dec 20 09:26:13 EST 2018


> Note these restrictions:

You must either be running an old version of ClamAV or using an old
.conf file... Relevant part from my freshclam.conf below... Doing a
DNS lookup requires very little data transfer since it's just a small
UDP packet (~100 bytes maybe) back & forth (and is probably the most
efficient way to do this utilizing existing services). I'm not
advocating saying it's okay to do to excessive lookups, but even if
you did 10 lookups per hour that is a whopping grand total of 2 KB data
being transferred back & forth.

Me personally, I only check once an hour because I don't receive many
emails. But I can understand on a busier server the need to keep all
the various signatures up to date.

# Use DNS to verify virus database version. Freshclam uses DNS TXT records
# to verify database and software versions. With this directive you can change
# the database verification domain.
# WARNING: Do not touch it unless you're configuring freshclam to use your
# own database verification domain.
# Default: current.cvd.clamav.net
#DNSDatabaseInfo current.cvd.clamav.net

# database.clamav.net is now the primary domain name to be used world-wide.
# Now that CloudFlare is being used as our Content Delivery Network (CDN),
# this one domain name works world-wide to direct freshclam to the closest
# geographic endpoint.
DatabaseMirror db.local.clamav.net
DatabaseMirror db.local.clamav.net

More information about the clamav-users mailing list